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1 The relational model for database management: version 2 j 
E. F. Codd 

January 1990 Book 

Publisher: Addison-Wesley Longman Publishing Co., Inc. 

Full text available* t 5 "! pdf(28 61 MB) Additional Information: full citation , abstract , references , citings, index 
• i£| ■ terms , review 

From the Preface (See Front Matter for full Preface) 

An important adjunct to precision is a sound theoretical foundation. The relational model 
is solidly based on two parts of mathematics: firstorder predicate logic and the theory of 
relations. This book, however, does not dwell on the theoretical foundations, but rather on 
all the features of the relational model that I now perceive as important for database 
users, and therefore for DBMS vendors. My perceptions result from 20 y ... 

2 T1-B: computer and network security symposium: An enterprise policy-based security 
^ protocol for protectin g relational database network o bjects 

^ Wassim Itani, Ayman Kayssi, AN Chehab 

July 2006 Proceeding of the 2006 international conference on Communications and 

mobile computing IWCMC '06 
Publisher: ACM Press 

Full text available: Q pdf(1.42 MB ) Additional Information: full citation , abstract , references , index terms 

In this paper we present ESCORT, an Enterprise, policy-baSed security protocol for 
protecting relational daTabase network objects. ESCORT is an efficient end-to-end 
security architecture that ensures the confidentiality and integrity of database objects 
flowing over network links between the Enterprise Information System (EIS) layer 
represented mainly in relational database servers and the client layer represented by a 
large variety of devices with diverse capabilities and resources. ESCORT is d ... 

Keywords: customizable security, policy-driven security, relational databases, security 
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Publisher: ACM Press 

Full text available* fj£l pdf(8.01 MB) Additional Information: full citation ; abstract , references , citings , index 
' terms 

Probabilistic, or randomized, algorithms are fast becoming as commonplace as 
conventional deterministic algorithms. This survey presents five techniques that have 
been widely used in the design of randomized algorithms. These techniques are illustrated 
using 12 randomized algorithms— both sequential and distributed— that span a wide 
range of applications, including:primality testing (a classical problem in number theory), 
interactive probabilistic proof s ... 

Keywords: Byzantine agreement, CSP, analysis of algorithms, computational complexity, 
dining philosophers problem, distributed algorithms, graph isomorphism, hashing, 
interactive probabilistic proof systems, leader election, message routing, nearest- 
neighbors problem, perfect hashing, primality testing, probabilistic techniques, 
randomized or probabilistic algorithms, randomized quicksort, sequential algorithms, 
transitive tournaments, universal hashing 

Database security: Privacy-preserving semantic interoperation and access control of Q 
hetero g eneous database s 

Prasenjit Mitra, Chi-Chun Pan, Peng Liu, Vijayalakshmi Atluri 

March 2006 Proceedings of the 2006 ACM Symposium on Information, computer and 
communications security ASIACCS '06 

Publisher: ACM Press 

Full text available: ^ pdf(443.12 KB ) Additional Information: full citation , abstract , references 

Today, many applications require users from one organization to access data belonging to 
organizations. While traditional solutions offered for the federated and mediated 
databases facilitate this by sharing metadata, this may not be acceptable for certain 
organizations due to privacy concerns. In this paper, we propose a novel solution — 
Privacy-preserving Access Control Toolkit (PACT) - that enables privacy-preserving 
secure semantic access control and allows sharing of data am ... 

Pen computin g : a technolo g y overview and a vision Q 
Andre Meyer 

July 1995 ACM SIGCHI Bulletin, Volume 27 Issue 3 
Publisher: ACM Press 

Full text available: g| pdf(5.14 MB) Additional Information: full citation , abstract , citings, index terms 

This work gives an overview of a new technology that is attracting growing interest in 
public as well as in the computer industry itself. The visible difference from other 
technologies is in the use of a pen or pencil as the primary means of interaction between 
a user and a machine, picking up the familiar pen and paper interface metaphor. From 
this follows a set of consequences that will be analyzed and put into context with other 
emerging technologies and visions.Starting with a short historic ... 

IS '97: model curr i cul u m and g uidelines for under g raduate d eg ree pro grams in Q 
information systems 

Gordon B. Davis, John T. Gorgone, J. Daniel Couger, David L Feinstein, Herbert E. 
Longenecker 

December 1996 ACM SIGMIS Database , Guidelines for undergraduate degree 

programs on Model curriculum and guidelines for undergraduate 
degree programs in information systems IS '97, volume 28 issue l 

Publisher: ACM Press 

Full text available: *^ pdf(7.24 MB) Additional Information: full citation , citings 
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7 Privacy and anonymity: Obfuscated databases and group privacy Q 




Arvind Narayanan, Vitaly Shmatikov 
November 2005 Proceedings of the 12th ACM conference on Computer and 



communications security CCS '05 
Publisher: ACM Press 

Full text available: pdf(239.03 KB) Additional Information: full citation , abstract , references , index terms 

We investigate whether it is possible to encrypt a database and then give it away in such 
a form that users can still access it, but only in a restricted way. In contrast to 
conventional privacy mechanisms that aim to prevent any access to individual records, we 
aim to restrict the set of queries that can be feasibly evaluated on the encrypted 
database. We start with a simple form of database obfuscation which makes database 
records indistinguishable from lookup functions. The only feasibl ... 

Keywords: database privacy, obfuscation 



8 Trust management for IPsec Q 

May 2002 ACM Transactions on Information and System Security (TISSEC), volume 5 

Issue 2 
Publisher: ACM Press 

Full text available* fi9 pdf(321 98 KB) Add'*' 0 " 3 ' Information: fu l l citation , abstract , references , citings , index 
l^j. _ terms , review 

IPsec is the standard suite of protocols for network-layer confidentiality and 
authentication of Internet traffic. The IPsec protocols, however, do not address the 
policies for how protected traffic should be handled at security end points. This article 
introduces an efficient policy management scheme for IPsec, based on the principles of 
trust management. A compliance check is added to the IPsec architecture that tests 
packet filters proposed when new security associations are created for confo ... 

Keywords: Credentials, IPsec, KeyNote, network security, policy, trust management 



9 Short papers -- works in progress: Pvault: a client server system providin g mobile 
^ access to personal data 

^ Ravi Chandra Jammalamadaka, Sharad Mehrotra, Nalini Venkatasubramanian 

November 2005 Proceedings of the 2005 ACM workshop on Storage security and 

survivability StorageSS '05 
Publisher: ACM Press 

Full text available: ^pdfd 34.27 KB) Additional Information: full citation , abstract , references , index terms 

In this paper we describe the design for the Pvault software, which is a personal data 
manager that stores and retrieves data from a remote untrusted data server securely. The 
major advantage of Pvault is that it allows users to access their personal data from any 
trusted remote computer. We will describe the issues and solutions for maintaining data 
confidentiality and integrity when the data is stored at the remote sever, since the server 
itself is untrusted. Pvault also p ... 

Keywords: cryptography, database, encryption, mobile access, secure sharing, secure 
storage, security, untrusted service provider model 



10 Cluster-based scalable network services 

Armando Fox, Steven D. Gribble, Yatin Chawathe, Eric A. Brewer, Paul Gauthier 
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October 1997 ACM SIGOPS Operating Systems Review , Proceedings of the sixteenth 
ACM symposium on Operating systems principles SOSP '97, volume 3i issue 

5 

Publisher: ACM Press 

Full text available: ^[ pdf(2.42 MB) Additional Information: full citation , references , citings, index terms 



11 Fast detection of communication patterns in distributed executions 
Thomas Kunz, Michiel F. H. Seuren 

November 1997 Proceedings of the 1997 conference of the Centre for Advanced 
Studies on Collaborative research CASCON '97 

Publisher: IBM Press 

Full text available: ^jj?|pdf(4.21 MB) Additional Information: full citat ion, abstract , references , index terms 

Understanding distributed applications is a tedious and difficult task. Visualizations based 
on process-time diagrams are often used to obtain a better understanding of the 
execution of the application. The visualization tool we use is Poet, an event tracer 
developed at the University of Waterloo. However, these diagrams are often very complex 
and do not provide the user with the desired overview of the application. In our 
experience, such tools display repeated occurrences of non-trivial commun ... 




12 Storing text retrieval systems on CD-ROM: compression and encryption 
considerations 

Shmuel T. Klein, Abraham Bookstein, Scott Deerwester 

July 1989 ACM Transactions on Information Systems (TOIS), volume i issue 3 
Publisher: ACM Press 

Full text available* IS pdf( 1 53 MB) Additional Information: full citation , abstract , references , citings, index 
• i£j terms , review 

The emergence of the CD-ROM as a storage medium for full-text databases raises the 
question of the maximum size database that can be contained by this medium. As an 
example, the problem of storing the Tresor de la Langue Fran&ccidel;aise on a CD-ROM is 
examined in this paper. The text alone of this database is 700 megabytes long, more than 
a CD-ROM can hold. In addition, the dictionary and concordance needed to access these 
data must be stored. A further constraint is that some of th ... 



13 Illustrative risks to the public in the use of computer systems and related technolog y Q 
Peter G. Neumann 

January 1996 ACM SIGSOFT Software Engineering Notes, Volume 21 issue 1 
Publisher: ACM Press 

Full text available: ^ pdf(2.54 MB) Additional Information: full citation 




Illustrative risks to the public in the use of computer systems and related technolog y Q 
Peter G. Neumann 

January 1994 ACM SIGSOFT Software Engineering Notes, volume 19 issue 1 
Publisher: ACM Press 

Full text available: ^gj pdf(2.24 MB) Additional Information: full citation , citings , index terms 



1 5 Intrusion detection: Counterin g code-in j ection a ttacks with instruction-set 
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Gaurav S. Kc, Angelos D. Keromytis, Vassilis Prevelakis 
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October 2003 Proceedings of the 10th ACM conference on Computer and 

communications security CCS '03 
Publisher: ACM Press 

Full text available: f BpdfM 46.35 KB) Additional Information: full citation, abstract , references , citings, index 
• L±H== = terms 

We describe a new, general approach for safeguarding systems against any type of code- 
injection attack. We apply Kerckhoff's principle, by creating process-specific randomized 
instruction sets (e.g., machine instructions) of the system executing potentially vulnerable 
software. An attacker who does not know the key to the randomization algorithm will 
inject code that is invalid for that randomized processor, causing a runtime exception. To 
determine the difficulty of integrating su ... 

Keywords: buffer overflows, emulators, interpreters 



16 ISOC symposium on network and distributed systems security 
Dan Nessett 

April 1994 ACM SIGCOMM Computer Communication Review, volume 24 issue 2 
Publisher: ACM Press 

Full text available: ^g )pdf(821.23 KB) Additional Information: full citation , index terms 



17 Password mana gement, mnemonics , and mother's ma i den nam es: Pa sspet: 
& convenient password management and phishing protection 
^ Ka-Ping Yee, Kragen Sitaker 

July 2006 Proceedings of the second symposium on Usable privacy and security 
SOUPS '06 

Publisher: ACM Press 

Full text available: ^ pdf(479.35 KB) Additional Information: full citation , abstract , references , index terms 

We describe Passpet, a tool that improves both the convenience and security of website 
logins through a combination of techniques. Password hashing helps users manage 
multiple accounts by turning a single memorized password into a different password for 
each account. User-assigned site labels (petnames) help users securely identify sites in 
the face of determined attempts at impersonation (phishing). Password-strengthening 
measures defend against dictionary attacks. Customizing the user interfac ... 





H 



18 The internet worm pro g ram: an analysis Q 
Eugene H. Spafford 

January 1989 ACM SIGCOMM Computer Communication Review, volume 19 issue l 
Publisher: ACM Press 

Full text available: ^pdf(2.45 MB) Additional Information: full citation , abstract , citings , index terms 

On the evening of 2 November 1988, someone infected the Internet with a worm 
program. That program exploited flaws in utility programs in systems based on BSD- 
derived versions of UNIX. The flaws allowed the program to break into those machines 
and copy itself, thus infecting those systems. This program eventually spread to 
thousands of machines, and disrupted normal activities and Internet connectivity for 
many days.This report gives a detailed description of the components of the ... 

19 Cryptogra phic protocols/ network security: Security proofs for an efficient password- Q 
^ based key exchan ge 

^ Emmanuel Bresson, Olivier Chevassut, David Pointcheval 

October 2003 Proceedings of the 10th ACM conference on Computer and 
communications security CCS '03 
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Publisher: ACM Press 

Full text available: « Pdf(233.51 KB) Additional Information: full citation , abstract , references , citings, index 
m terms 

Password-based key exchange schemes are designed to provide entities communicating 
over a public network, and sharing a (short) password only, with a session key (e.g, the 
key is used for data integrity and/or confidentiality). The focus of the present paper is on 
the analysis of very efficient schemes that have been proposed to the IEEE P1363 
Standard working group on password-based authenticated key-exchange methods, but 
which actual security was an open problem. We analyze the AuthA key excha ... 

Keywords: key exchange, password-based authentication 



20 Remus: a security-enhanced operating system 
Massimo Bernaschi, Emanuele Gabrielli, Luigi V. Mancini 

February 2002 ACM Transactions on Information and System Security (TISSEC), volume 

5 Issue 1 
Publisher: ACM Press 

Full text available' pdfC295 33 KB) Add ' tional Information: full citation, abstract , references , citings, index 
•m- ' terms . 

We present a detailed analysis of the UNIX system calls and classify them according to 
their level of threat with respect to system penetration. Based on these results, an 
effective mechanism is proposed to control the invocation of critical, from the security 
viewpoint, system calls. The integration into existing UNIX operating systems is carried 
out by instrumenting the code of the system calls in such a way that the execution is 
granted only in the case where the invoking process and the valu ... 

Keywords: Access control, Linux, privileged tasks, system calls interception, system 
penetration 
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